Let know we don't support HTTP compression

adrienverge / openfortivpn

Client for PPP+TLS VPN tunnel services

GNU General Public License v3.0

2.75k stars 322 forks source link

Let know we don't support HTTP compression #1213

Closed DimitriPapadopoulos closed 7 months ago

DimitriPapadopoulos commented 7 months ago

It looks like newer Fortinet gateways will send compressed HTTP if we notify them we support it - but we don't.

Fixes #1212.

rodrigoaguilera commented 6 months ago

@DimitriPapadopoulos I'm unable to connect since the 1.22.0 update. Might this be related? I get

INFO:   Got addresses: [172.16.232.11], ns [172.16.249.101, 172.16.49.101]
INFO:   Negotiation complete.      
INFO:   Negotiation complete.       
Peer refused to agree to his IP address
Connect time 0.1 minutes.                                                            
Sent 1101 bytes, received 1081 bytes.
ERROR:  Timed out waiting for the ppp interface to be UP.

DimitriPapadopoulos commented 6 months ago

No, I don't see how it could be related.

Please open an issue, and provide information on the OS and the version that worked before the upgrade (as opposed to 1.22.0).

rodrigoaguilera commented 6 months ago

Digging through the issues. I'm facing the ppp 2.5.0 update bug

https://github.com/adrienverge/openfortivpn/issues/1076

I followed the route of moving to openconnect. I don't think I have much more info to add to that bug other than maybe reopen until the issue is fixed on the ppp side.

Thank you for your response :pray:

DimitriPapadopoulos commented 6 months ago

On platforms with PPP < 2.5.0 and if openfortivpn has not been properly built (MacPorts and perhaps even Homebrew despite https://github.com/Homebrew/homebrew-core/commit/d88b7a153a82827379aa729360fd71a4e1c47e52), use the pppd-accept-remote option:

openfortivpn --pppd-accept-remote=0